{"id":19891125,"url":"https://github.com/luccasa/pingcastle-notify","last_synced_at":"2025-04-12T11:53:02.423Z","repository":{"id":60282697,"uuid":"536182007","full_name":"LuccaSA/PingCastle-Notify","owner":"LuccaSA","description":"Monitor your PingCastle scans to highlight the rule diff between two scans","archived":false,"fork":false,"pushed_at":"2024-08-08T13:28:01.000Z","size":70,"stargazers_count":109,"open_issues_count":5,"forks_count":18,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-03-26T06:34:37.032Z","etag":null,"topics":["pingcastle","plateforme","slack","slack-bot","teams"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/LuccaSA.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-09-13T15:06:16.000Z","updated_at":"2025-03-04T12:30:43.000Z","dependencies_parsed_at":"2025-01-28T15:10:56.742Z","dependency_job_id":"92504c7e-0f84-4640-902e-3d77ddadf8ce","html_url":"https://github.com/LuccaSA/PingCastle-Notify","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LuccaSA%2FPingCastle-Notify","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LuccaSA%2FPingCastle-Notify/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LuccaSA%2FPingCastle-Notify/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LuccaSA%2FPingCastle-Notify/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/LuccaSA","download_url":"https://codeload.github.com/LuccaSA/PingCastle-Notify/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248565037,"owners_count":21125414,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["pingcastle","plateforme","slack","slack-bot","teams"],"created_at":"2024-11-12T18:17:11.350Z","updated_at":"2025-04-12T11:53:02.400Z","avatar_url":"https://github.com/LuccaSA.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"PingCastle Notify\n===\n\nPingCastle Notify is a tool that will monitor your PingCastle reports ! You will be notified every time a change between a scan and a previous scan is made.\n\nHow it works ? PingCastle-Notify is a PS1 script that will run a PingCastle scan, compare the difference between a previous scan, highlight the diff and send the result into a Slack / Teams channel or a log file !\n\nThe slack/teams/log message will notify you regarding the different states: correction, recession etc\n\n\u003cp align=\"center\"\u003e\n\n![image](https://github.com/LuccaSA/PingCastle-Notify/assets/5891788/35eb7e52-600e-4c15-bcb3-f57bf0b2a89f)\n\n\u003e :warning: If you don't want to use Slack or Teams set the variable `$teams` and `$slack` to 0 inside the ps1 script. Skip the step \"Create a BOT\" and check the log file inside the **Reports** folder.\n\n\u003c/p\u003e\n\u003chr\u003e\n\u003cdetails\u003e\n\u003csummary\u003e:arrow_forward: \u003cb\u003eFirst scan\u003c/b\u003e\u003c/summary\u003e\n\nSlack             | Teams\n:-------------------------:|:-------------------------:\n![image](https://user-images.githubusercontent.com/5891788/191265007-57656f04-12ed-4e93-af36-90b0711aa412.png)  |   ![image](https://user-images.githubusercontent.com/5891788/193760283-ef171f2d-6992-44b7-ad8e-8b3f113ffe3d.png)\n\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e:arrow_forward: \u003cb\u003eNo new vulnerability but some rules have been updated\u003c/b\u003e\u003c/summary\u003e\n\n![image](https://user-images.githubusercontent.com/5891788/191266282-cd790c58-76df-4116-89fa-4aa954f0dd7e.png)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\n\u003csummary\u003e:arrow_forward: \u003cb\u003eNew vulnerabilty\u003c/b\u003e\u003c/summary\u003e\n\nSlack             | Teams\n:-------------------------:|:-------------------------:\n![image](https://user-images.githubusercontent.com/5891788/191268156-cb1c1884-beef-421e-9aae-75661e071abf.png)  |   ![image](https://user-images.githubusercontent.com/5891788/193760136-668fca48-9ddf-47dd-b82a-0708117954f1.png)\n\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e:arrow_forward: \u003cb\u003eSome vulnerability have been removed\u003c/b\u003e\u003c/summary\u003e\n\nSlack             | Teams\n:-------------------------:|:-------------------------:\n![image](https://user-images.githubusercontent.com/5891788/191265798-0ef01763-6401-4c51-9d7d-8bf6f5ab246d.png)   |   ![image](https://user-images.githubusercontent.com/5891788/193760223-8658c35c-0ef3-4012-8679-8946987f4e4a.png)\n \n\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e:arrow_forward: \u003cb\u003eNo new vulnerability\u003c/b\u003e\u003c/summary\u003e\n\nNo result in slack since reports are the same\n\u003c/details\u003e\n\n---\n\u003cdetails\u003e\n\u003csummary\u003e:beginner: \u003cb\u003eAdding the result of the current scan\u003c/b\u003e\u003c/summary\u003e\n\nSet the variable `$print_current_result` to 1 in the script, the rules flagged on the current scan will be added as a thread into Slack or after the rule diff on Teams.\n\nSlack             | Teams\n:-------------------------:|:-------------------------:\n![image](https://user-images.githubusercontent.com/5891788/194527966-f13e0f85-cff6-4e22-86b1-00f871b29cc2.png)  |   ![Teams_8N2r3YiVh4](https://user-images.githubusercontent.com/5891788/194527837-8f6f0910-aa17-47d2-bfee-01d4defa569b.png)\n\u003c/details\u003e\n\n\n\n## How to install ?\n\n### Structure of the project\n\n```\nSECU-TOOL-SCAN/\n    - PingCastle-Notify.ps1\n    - PingCastle/\n        - Reports/\n            - domain.local.xml\n            - domain.local.html\n            - scan.logs \u003c-- contains the logs of the scan (diff scan)\n        - Pingcastle.exe\n        - ...\n```\n\n#### PingCastle \u0026 PingCastle-Notify.ps1\n\n1. Download PingCastle\n2. Unzip the archive\n3. Create a \"**Reports**\" folder inside the PingCastle folder\n4. Download and add the file `PingCastle-Notify.ps1` on the parent directory\n\n#### Create a BOT\n\n\u003cdetails\u003e\n\u003csummary\u003e:arrow_forward: \u003cb\u003eSlack BOT\u003c/b\u003e\u003c/summary\u003e\n\n1. In Slack create an application https://api.slack.com/apps\n2. Add the following rights\n   - Click on \"Add features and functionality\" -\u003e Bots (configure the name)\n   - Click on \"Add features and functionality\" -\u003e Permissions (add the following permissions)\n   - Generate a \"Bot User OAuth Token\" on the Permissions tab\n   \n![image](https://user-images.githubusercontent.com/5891788/191264679-7942173b-bb1f-4dd1-a936-4e97acdb1b5e.png)\n\n3. Get your token add it to the PingCastle-Notify.ps1 script\n4. Create a slack channel and add your bot user to the channel\n5. You can test your bot using https://api.slack.com/methods/chat.postMessage/test\n6. Add the channel to the script\n7. Run the script to test using this command: \n   `powershell.exe -exec bypass C:\\YOUR_PATH\\SECU-TOOL-SCAN\\PingCastle-Notify.ps1`\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e:arrow_forward: \u003cb\u003eTeams BOT\u003c/b\u003e\u003c/summary\u003e\n\n1. Create a channel **pingcastle-scan**\n2. Click on the \"...\" dots and select \"Connectors\"\n3. Search for **Webhook**\n4. Add the webhook\n5. Re-click on the connectors button and on the webhook click **\"configure\"**\n6. Add a title and a logo and click **Create**, copy the wehbook URL\n7. Add the url on the variable `$teamsUri`\n8. Set the variable `$teams` to 1 and `$slack` to 0\n\u003c/details\u003e\n\n#### Deploy a Scheduled Task\n\nOn your Windows Server go to\n\n1. Create a service account that will run the PS1 script every night (no need to set the service account as domain admin)\n2. Give privileges to the service account on the folder \"Reports\"\n\n![image](https://user-images.githubusercontent.com/5891788/191264615-ab0b9479-b869-4cbf-9e74-499ca0b38c4e.png)\n\n3. Run taskschd.msc to open the Scheduler Task\n4. Create a Task and use the service account you just created\n5. In Actions tab set \"Start a program\" -\u003e \"Script\": `C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe` -\u003e \"Arguments\" -\u003e `-exec bypass -f C:\\PINGCASTLE\\Pingcastle-Notify.ps1`\n6. Give the permission \"Log on as Batch Job\" to service account https://danblee.com/log-on-as-batch-job-rights-for-task-scheduler/\n7. Run the scheduled task to test the result\n8. Enjoy :)\n\n\u003cp align=\"center\"\u003e\n\u003cimg width=\"600\" height=\"400\" src=\"https://user-images.githubusercontent.com/5891788/191264530-bb4f2700-d91b-4e94-8bb8-ea57238e90ca.png\"\u003e\n\u003cimg src=\"https://user-images.githubusercontent.com/5891788/191264565-a5fe4a3c-b14d-4e5a-b6c0-efe741d4591d.png\"\u003e\n\u003cimg src=\"https://user-images.githubusercontent.com/5891788/191264503-cb3155a9-f2b3-4fed-b6de-eaf35b47a545.png\"\u003e\n\u003c/p\u003e\n\n## Acknowledgement\n\n- Vincent Le Toux - https://twitter.com/mysmartlogon\n- Romain Tiennot - https://github.com/aikiox\n- Lilian Arago - https://github.com/NahisWayard\n- Romain Bourgue - https://github.com/raomin\n\n## License\n\nMIT License\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fluccasa%2Fpingcastle-notify","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fluccasa%2Fpingcastle-notify","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fluccasa%2Fpingcastle-notify/lists"}